What is CVE-2025-1696?

CVE-2025-1696 is a vulnerability in Docker Desktop, classified under Insertion of Sensitive Information into Log File. Published 2025-03-06.

Is CVE-2025-1696 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Information disclosure in Docker Desktop

CVE-2025-1696

A vulnerability exists in Docker Desktop prior to version 4.39.0 that could lead to the unintentional disclosure of sensitive information via application logs. In affected versions, proxy configuration data—potentially including sensitive…

EPSS: 0.001 (21.3th percentile) — read the EPSS interpretation.

Affected products

Docker Desktop — versions 0

Weakness classification (CWE)

CWE-532 — Insertion of Sensitive Information into Log File

Public proof-of-concept exploits

fkie-cad/nvd-json-data-feeds
tanjiti/sec_

References

docs.docker.com/desktop/settings-and-maintenance/settings/
docs.docker.com/desktop/troubleshoot-and-support/troubleshoot/

Frequently asked questions

What is CVE-2025-1696?: CVE-2025-1696 is a vulnerability in Docker Desktop, classified under Insertion of Sensitive Information into Log File. Published 2025-03-06.
Is CVE-2025-1696 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.